Multi-PreAuth

[JeremyRubin]

Currently when using pre-authorized transactions, it is common to want one pre-auth to remove another.

E.g.

PreAuth A:
  Pay Account Alice 10 XLM
  Remove PreAuth B
PreAuth B:
  Pay Account Bob 10 XLM
  Remove PreAuth A

This cannot be done, because there ends up being a hash-cycle between A and B. It's also problematic because if A fails, then B still exists.

Instead, the pattern should be:

PreAuth A: (sequence n)
  Pay Account Alice 10 XLM
PreAuth B: (sequence n)
  Pay Account Bob 10 XLM
PreAuth C: (sequence n+1)
  Remove PreAuth B
  Remove PreAuth A

However in this case, we're restricted to keeping the same sequence number on A and B, which in many cases is undesirable (try A then try B).

One way of addressing this would be to have a new type of preauth which is a merkle tree of up to 4 transactions. The lookup proof would then be 64 bytes, fitting exisiting signature data space.

In this case, the execution of any one of the outcomes can remove all 4 of the preauths under that root, replace the failing transaction with a continuation transaction (specified in the failing transaction), or just prune only the branch tried and failed, leaving the others in place. The simplest option is to just allow that upon successful execution of a transaction, the root is removed.

The number of branches could be increased, but that would bear increased complexity on the management of the lookup proof.

This type of mechanism makes many protocols which require mutually exclusive preauths a bit simpler to work with because the user of this API doesn't need to worry about the hash cycles between pre-auths which should remove each other.

[github-actions]

This issue is stale because it has been open for 30 days with no activity. It will be closed in 5 days unless the stale label is removed, or a comment is posted.

[MonsieurNicolas]

I'm keeping this one around. We're not getting much feedback on the complexity of smart contracts that people use